WordPress 2.8.5 was released yesterday, which includes a fix for a denial-of-service (DoS) attack and a number of changes that removed code that could potentially be used to hack into WordPress. The denial-of-service attack utilizes specially crafted trackbacks that cause WordPress to use a significant amount of processing power when they are processed which could lead WordPress becoming unresponsive. The code removal changes were originally developed for the upcoming version 2.9 and were backported to improve security as soon as possible.
Don’t Get Caught With Plugin VulnerabililitesWith our Plugin Vulnerabilities service you are alerted if you any of the WordPress plugins you use contain a security vulnerability.
Search This Blog
- Where Are The Vulnerabilities That SiteLock’s Vulnerability Scanning Should Have Found?
- Joomla Firewalls Are Not a Replacement For Properly Cleaning Up a Hacked Website
- SiteLock Promoted Services To WordPress.com Users That Are Not Relevant to Them
- SiteLock Filed a DMCA Takedown Notice Against Our Website For A Screenshot of Their Homepage
- Joomla Hack Cleanup Provider Still Using Joomla Version EOL’d Over Four and Half Years Ago
Web Software Updates
Did We Make a Mistake?While it seems to be acceptable for blogs discussing web security to contain numerous factual mistakes, we hold ourselves to a higher standard. We only write about things that we actually understand and only after we have double checked the information. So if you see a mistake in one of our posts please leave a comment on the post or contact us so that we can add a correction.